Apple has removed hundreds of applications from its App Store, expressing its concern that the security of some users' personal data could be compromised in certain circumstances. In particular, Apple took the view that these apps threatened users' security by installing certificates that can expose data to monitoring by third parties. This was due to the fact that Apps had root certificates which routed user data to servers where it could be analyzed, enabling network providers to view encrypted traffic, leaving users vulnerable to data breaches.
According to reports, among the apps that were removed is the Been Choice app, which offered ad blocking for the Safari browser, as well as a VPN to turn off ads inside Facebook, Yahoo, and Apple News, using deep packet inspection to remove native ads and sponsored content.
Moreover, App Store apps were using a third-party advertising SDK that allowed the third-party to harvest users’ information without their consent (e.g. email addresses, device ID, apps that were installed on the device, etc.) and to route it to its company server. Accordingly, Apple has declared that any new apps submitted to the App Store using this SDK will be rejected. This incident illustrates the importance of obtaining users' consent for data collection by SDKs which are installed with an app.